package com.deuwise.common.aspect;

import com.alibaba.fastjson.JSONObject;
import com.deuwise.common.exception.DeuWiseException;
import com.deuwise.common.utils.EnumErrorCode;
import com.deuwise.common.utils.authorize.LicenseCode;
import com.deuwise.common.xss.HttpCharacterResponseWrapper;
import com.deuwise.config.oauth2.CheckAuthorizeCode;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.Element;
import java.io.IOException;
import java.io.PrintWriter;

/**
 * Copyright
 *
 * @author chenwenchao
 * @date 2019/7/2
 * Description: 认证系统授权拦截器
 */

@WebFilter(filterName = "CORSFilter", urlPatterns = {"/*"})
@Component
public class AuthorizeInterceptor implements Filter {

    @Override
    public void init(FilterConfig var1) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;

        HttpServletRequest request1 = (HttpServletRequest) request;
        HttpServletResponse response1 = (HttpServletResponse) response;

        // 响应标头指定 指定可以访问资源的URI路径
        response1.setHeader("Access-Control-Allow-Origin", "*");

        //响应标头指定响应访问所述资源到时允许的一种或多种方法
        response1.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE");

        //设置 缓存可以生存的最大秒数W
        response1.setHeader("Access-Control-Max-Age", "3600");

        //设置  受支持请求标头
        response1.setHeader("Access-Control-Allow-Headers", "token,Authorization,Origin,x-requested-with, Content-Type, Accept");

        // 指示的请求的响应是否可以暴露于该页面。当true值返回时它可以被暴露
        response1.setHeader("Access-Control-Allow-Credentials","true");
        //授权页面不进行拦截
        if(req.getRequestURI().contains("/sys/importLicense")){
            chain.doFilter(request,response);
            return;
        }
        boolean handleResult = false;
        try {
            handleResult= CheckAuthorizeCode.AuthorizeCode();
        } catch (Exception e) {
            e.printStackTrace();
        }
        if(!handleResult){
            String ApplyCode= LicenseCode.getApplyCode();
            HttpCharacterResponseWrapper ref_charResponse=new HttpCharacterResponseWrapper(
                    (HttpServletResponse)response1);
            JSONObject jsonObject=new JSONObject();
            jsonObject.put("code",403);
            jsonObject.put("data",ApplyCode);
            jsonObject.put("msg","系统未授权请复制当前申请码去申请授权");
            String output=jsonObject.toJSONString();

            //这部分不是特别明白，response是入口参数传递过来的
            response1.setCharacterEncoding("utf-8");
            PrintWriter out =response1.getWriter();
            out.write(output);
        }else{
            chain.doFilter(request,response);
        }


    }


    @Override
    public void destroy() {

    }


}
